General Terms and Conditions

Section I - General Terms

 

1 Introduction

 

1.1
These terms and conditions ("General Terms and Conditions") constitute the general terms and conditions under this Section I ("General Terms") and the service terms and conditions under any subsequent sections ("Service Terms").

1.2
The General Terms apply to the provision of all types of products, deliverables and services ("Services"). Each of the Service Terms apply in addition to the General Terms to the Service, for which they state to be applicable. The provisions of the Service Terms prevail in the event of conflict with the provisions of the General Terms.

1.3
The General Terms and Service Terms form an integrated part of an Agreement (as defined below). The provisions of the Agreement prevail in the event of conflict with the provisions of the General Terms or the Service Terms.

1.4
The General Terms and applicable Service Terms also apply to Services provided prior to entering into the Agreement as well as additional services derived from or otherwise related to the Services.

 

2 Agreement

2.1
"Agreement" means any agreement between any customer as set out therein ("Customer") and the Supplier as set out therein ("Supplier") regarding provision of Services regardless of medium and method of entering into the Agreement and whether signed, confirmed by e-mail or otherwise legally formed.

2.2
An Agreement may be made pursuant to a separate order, service agreement, work order, statement of work (SOW), email or similar document containing information about the Services, the scope, price and/or any special terms applicable to the Services.

2.3
Each Agreement constitutes an individual Agreement, separate from other Agreements entered into between the parties.

2.4
There are no cross effects between Agreements. Consequently, breach, defects, delay, termination for any reason etc. relevant to Services under one Agreement does not affect any other Agreement. Limitations of liability apply to and are calculated for each Agreement separately. Termination (for any reason) of an Agreement does not affect any other Agreement and vice versa. In the event of termination of an Agreement, the Supplier shall continue to provide the Services in accordance with any other Agreements, including any underlying Agreements, unless such Agreements are also terminated.

 

3 Services

3.1
Each Agreement contains an exhaustive specification of the Services and the requirements that may be imposed, including scope, quantity and quality. If the Customer has specific expectations in this regard or other prerequisites, it is the Customer's responsibility to ensure that these are included in the Agreement.

3.2
The Services can be provided as a continuous service ("Ongoing Service") or as an ad hoc service.

3.3
Ongoing Service Agreements will include a description of the Supplier's tasks and obligations relating to establishment and Transition ("Transition In") and/or specific obligations upon termination ("Transition Out"), if agreed.

3.4
Information provided by the Supplier in brochures, catalogues, price lists, advertisements, previous quotations, on webpages or verbally, as well as any terms or conditions in any purchase terms or such similar document provided by the Customer, does not apply to the Services, unless repeated in the Agreement.

3.5
Services must be provided in accordance with generally accepted good practice in a particular field ("Good IT Practice").

3.6
t appears from the Agreement to which extent agreed Services are to be documented.

 

4 Customer's contracting party

4.1
The Customer may enter into Agreements with any group company of itm8 on the basis of these General Terms and the Service Terms.

4.2
The Customer's contracting party will be the legal entity identified in each Agreement, and other group companies will not be liable for performance of the Agreement.

 

5 Cooperation between the parties

5.1
The parties must loyally secure the performance of the Agreement in a flexible and cooperative manner necessary for the timely provision of the Services. Each party must ensure that the necessary organisational structure to do so is in place. The parties must ensure that their representatives have the necessary authority and decision-making competence.

5.2
The Customer must participate as agreed in the Agreement and provide contribution and participation reasonably expected or requested from time to time by the Supplier, including in relation to decision making, information and resources.

5.3
The Customer must, to the extent necessary for the Supplier's provision of the Services, obtain the necessary approvals, licences, authorisations, consents and permits to enable the Supplier to: (a) access the Customer sites and contact the Customer personnel, and (b) use, access, maintain and modify software, hardware and other materials provided or made available by the Customer.

5.4
The Customer must minimise the risk of loss or damage to the Customer's IT systems, including by performing backup of data where such task is not included in the agreed Services, and ensure that any safety regulations or other guidelines that apply to the Supplier's access to the Customer's IT systems are explicitly specified in the Agreement.

5.5
If information provided by a party is inaccurate or incomplete, or a party fails to perform its obligations, the parties agree to negotiate in good faith reasonable Changes to the affected part(s) of the Services and/or Agreement.

 

6 Time schedule and delivery

 

6.1
The Services are delivered in accordance with the deadlines and during the period set out in the Agreement ("Date of Delivery").

6.2
If tests have been agreed prior to the Date of Delivery and the Customer fails to carry them out, or if a Service is put into use without prior approval of tests, the Date of Delivery shall be deemed to have occurred upon the Customer's use of the Service.

6.3
The risk of the Services passes to the Customer at the Date of Delivery.

 

7 Compliance with statutory requirements

7.1
The Supplier's Services must comply with mandatory legislation applying to the Supplier during the term of the Agreement, including any amendments thereto. This, however, does not apply to legislation that is specific to the Customer's industry, unless the parties have explicitly agreed so.

7.2
The Customer is liable that the Customer's specific use of the Services is legal, unless the said Service is so designed that its general use will conflict with mandatory legislation.

7.3
The Supplier must keep updated about amendments of mandatory legislation that necessitates Changes of the Supplier's Services and notify the Customer of such need for changes.

7.4
However, the Customer must keep updated about amendments of mandatory legislation that are specific to the Customer's industry and must notify the Supplier thereof, unless the parties have explicitly agreed otherwise.

7.5
Any Changes in Services necessitated by amendments of mandatory legislation will be handled as a Change pursuant to clause 9. The Supplier is entitled to payment for such Changes, regardless if they are requested by the Customer or the Supplier. Payment is based on the costs imposed on the Supplier to implement the Changes and on the basis of the principle that the Supplier's total costs related to the Change to a reasonable and possible extent are divided between the affected Customers.

7.6
Any changes in Services necessitated by amendments of the agreed audit or security standards will be handled as a Change on the part of the Customer.

 

8 Audit statements and certifications

 

8.1
If, under the Agreement, the Supplier is required to provide annual audit statements to verify compliance with requirements for IT security, personal data processing, etc., this is specified in the Agreement. The statement only covers the Supplier's standard Services.

8.2
If an audit statement includes remarks or other criticism related to the Supplier's performance of its obligations under the Agreement, the Agreement includes a description of the procedure to be followed.

8.3
Any certification requirements are also set out in the Agreement. The Supplier shall be entitled to replace a certification with an alternative generally accepted certification, provided that the latter is substantially equivalent to the one originally agreed, and provided that such replacement is objectively justified.

 

9 Changes

 

9.1
To the extent that the General Terms or the Service Terms include a reference to a process for changes ("Changes"), the terms of this clause 9 shall apply.

9.2
Changes to the Agreement, including the Services, must be in writing (e.g., digitally or via a platform provided by the Supplier) and are subject to agreement by the parties.

9.3
Reasonable time and materials spent by the Supplier, at the request of the Customer, in the analysis and preparation of Changes are payable by the Customer.

9.4
To the extent changes in laws, regulations and the Customer policies impacts the delivery of the Services, the impact on the Services is handled as a Change, unless otherwise specified in an Agreement.

9.5
The Supplier may adjust and amend the General Terms and Conditions and any separate Data Processing Agreement agreed between the parties with a prior written notice of 90 days if such changes do not significantly impair the Customer's rights or if the changes are due to new legislation or case law that necessitates such changes.

 

10 Use of sub-suppliers

 

10.1
The Supplier may use sub-suppliers in the performance of the Services. Such sub-suppliers shall be subject to the Supplier's powers of direction, and consequently, the Supplier shall be liable for any services provided by sub-suppliers in the same way as for its own services.

10.2
The Supplier must establish contracts, procedures and workflows ensuring compliance with an Agreement in case of the Supplier's use of any sub-suppliers.

10.3
If the Supplier uses sub-suppliers delivering specific Services to the Customer that cannot be replaced by a third party, the Customer may make the use of such sub-suppliers conditional upon the fact that the Customer is entitled to adopt an agreement with the sub-supplier in case of termination of the Agreement, ensuring the Customer continued access to these Services.

10.4
If the Supplier's sub-suppliers store or otherwise process the Customer's personal data on behalf of the Supplier, the Sup-plier warrants that the sub-supplier has assumed data processing liabilities in relation to the Supplier pursuant to applicable law.

 

11 Third Party Services

 

11.1
The Services may include the provision of services by a third party which do not specifically contribute to the performance of an Agreement, but which are in the nature of a standard service used by the Supplier as a supporting service to a plurality of customers and in respect of which such services are provided on standard terms by the provider ("Third Party Services"). Such Third Party Services may be made available as a Public Cloud service ("Public Cloud Service"), which is then processed as a Third Party Service.

11.2
Notwithstanding any provision to the contrary, the Supplier assumes no liability of any kind for Third Party Services, including with respect to availability, functionality, updates, amendments or defects. Third Party Services are provided strictly "as is", and the third party providing the Third Party Services is not considered a sub-supplier.

11.3
Notwithstanding the above, the Supplier shall be subject to customary advisory liability in the selection of suppliers of Third Party Services.

11.4
If the Third Party Service is provided as a Public Cloud Service, such Services are provided on terms that the Customer, based on agreement between the Supplier and the Public Cloud provider, is obliged to accept as a condition to access the Public Cloud Services. The Customer shall have easy access to the terms of access to the Public Cloud Services. The Supplier may comply with the duty to provide information by providing links to the terms to the Customer, for example on a customer portal, a website or similar.

11.5
The Supplier can at any time replace the Supplier's Third Party Services providers, provided however, that the Services in general do not significantly deteriorate in relation to functionality etc. as a consequence of such replacement.

11.6
The Customer further accepts that Third Party Services are continuously developed and adapted on the basis of technological development, market demand, etc.

11.7
This clause 11 shall apply for any Third Party Service, whether integrated in the Services or made available to the Customer as a standalone Service, etc.

 

12 Retention of title

 

12.1
Physical deliverables such as e.g. Hardware are provided subject to retention of title. The Supplier retains full legal title to each unit notwithstanding the delivery to the Customer and possession and use of the unit by the Customer.

12.2
The Customer shall ensure that units subject to retention of title can be uniquely identified and separated from the Customer's other units, and the Supplier shall be entitled to request documentation thereof and to carry out checks in this regard at the Customer's premises during normal working hours. The Customer shall not be entitled to remove any labels on a device attached by the Supplier regarding the retention of title.

12.3
The Customer cannot pass on, lease, sell, pledge or otherwise dispose of units covered by retention of title in relation to a third party.

12.4
The retention of title remains in force until the Customer has paid the total remuneration for the affected unit, including applicable interest, costs and expenses.

 

13 Prices and terms of payment

 

13.1
The Agreement sets out the prices to be paid by the Customer for the Services, including fixed periodic payments and payments based on use and for scaling of Services at unit prices. For any Services for which payment is not set out in the Agreement, the Services will be provided against payment on a time and material basis in accordance with the actual number of hours and materials spent in the delivery hereof and in accordance with the Supplier's generally applicable price list from time to time.

13.2
All prices are specified in Danish Kroner (DKK) and are exclusive of VAT and other taxes. To the extent where the Services are subject to tax (including VAT, sales tax and any other kinds of duties and taxes), such taxes must be added to the price in accordance with the legislation in force and must be invoiced in accordance therewith.

13.3
If any new or adjusted sales taxes, general taxes, duties, contributions or similar duties and taxes are imposed by public authorities, prices must be adjusted with the net financial consequence for the Supplier.

13.4
The Supplier may invoice the Customer prior to delivery of any Ongoing Services as well as Services subject to a fixed fee. All other Services will be invoiced monthly in arrears.

13.5
The terms of payment are set out in the Agreement or specified on the Customer’s invoice.

13.6
Interest on overdue payments accrue in accordance with applicable law.

13.7
Unless otherwise set out in the Agreement, the Supplier may adjust the agreed fixed fees for Ongoing Services and hourly rates annually with effect from 1st of January and based on the annual adjustment as shown in the standardised wage index for the Supplier's industry (information and technology services) as published by Statistics Denmark, however, with a minimum of 2%.

13.8
In case of changes due to external circumstances, including in relation to currency rates, charges for insurance and carriage, price changes, licence models, binding periods etc. for Third Party Services etc., the Supplier is allowed to further adjust its charges towards the Customer by the net impact of the changes when such changes are introduced by the supplier of the Third Party Services and without prior notice.

13.9
Set-off against any payments invoiced by the Supplier is not permitted.

13.10
The Supplier may collect and/or require information on the Customer's credit rating. Further, in case of a justified suspicion of inability to pay or actual non-payment, the Supplier may require prepayment or adequate security in the form of a bank guarantee by a well-reputed financial institution in an amount equal to the estimated payments for the Services, as a condition for the (continued) provision hereof.

 

14 Supplier's breach

 

14.1 In general

14.1.1
Unless otherwise specified in the Agreement, the ordinary rules of Danish law shall apply in case of the Supplier's breach and as regards the Customer's remedies for breach with the modifications resulting from the General Terms and Conditions.

14.1.2
Regardless of the reason for a delay or a defect, the Supplier must notify the Customer without undue delay if the Supplier knows that a delay or a defect of significant importance to the Customer has occurred.

14.1.3
The Customer shall, as a condition for invoking agreed remedies for breach, examine the Services without undue delay after the Date of Delivery, and the Customer's remedies for breach, including for defects and delay, shall cease if the Supplier has not received written notice from the Customer without undue delay after the breach was discovered or ought to have been discovered.

14.1.4
The Supplier's liability for breach, including for defects and delay, shall in any circumstance cease no later than 6 months after the Date of Delivery of the Services in question.

14.1.5
Notice of breach does not exempt the Customer from its obligation to pay invoiced amounts when due.

14.2 Supplier's delay

14.2.1
A Service is delayed if the delivery takes place after a Date of Delivery agreed in an Agreement as a milestone for the Service in question and provided that the delay is insignificant and is caused solely by matters relating to the Supplier.

14.3 Defects in the Supplier's Services

14.3.1
A defect in the Supplier's Services exists when they do not meet the requirements specified in the Agreement and provided that the defect is not minor.

14.4 Remedial action

14.4.1
The Supplier is obliged and entitled to remedy the cause of delay and defects in the Services. The remedial action must comply with the deadlines, procedures and service targets specified in an Agreement. If remedial action is not comprised by the agreed service targets, remedial action must be carried out within a reasonable time, taking into account the nature of the situation and the importance of the matter to the Customer. The obligation to remedy delays or defects does not apply if the said delay or defect is insignificant to the Customer and if such remedial action will impose disproportionate costs on the Supplier.

14.4.2
If the delay or the defect has been caused by circumstances for which the Supplier is not liable, the Supplier is entitled to claim payment for such remedial action on a time basis pursuant to the hourly rates specified in Agreement.

14.4.3
Defects may at the sole discretion of the Supplier be remedied by remediation or replacement.

14.4.4
If the breach cannot be remedied within a reasonable time, taking into account the nature of the situation, the parties must in good faith discuss a remedial plan for the breach and any reasonable workaround.

14.4.5
The Customer's claim for remedial action does not deprive the Customer of the right to claim other remedies for breach.

14.5 Proportionate reduction

14.5.1
If the breach cannot be remedied, the Customer is entitled to claim a proportionate reduction in accordance with the ordinary rules of Danish law. Proportionate reduction does not preclude the Customer from claiming damages if the Customer can prove a financial loss exceeding the proportionate reduction and, in that case, only for the difference between the proportionate reduction and the financial loss.

14.5.2
If the Customer is entitled to a penalty on the basis of delay or non-compliance with service targets in an Agreement, the Customer cannot claim a proportionate reduction for the same matter.

14.6 Damages

14.6.1
The Customer may claim damages in accordance with the ordinary rules of Danish law with the limitations specified in these terms.

14.6.2
If the Customer exercise the right to claim a penalty, damages may only be claimed if the Customer has suffered a documented loss exceeding the penalty amount, and only for the difference between the penalty amount and the loss.

14.7 Termination for cause

14.7.1
The Customer may terminate an Agreement in whole or in part with immediate effect in case of the Supplier’s material breach of the Agreement, provided that such material breach has not been remedied before expiry of a written notice of at least thirty (30) working days (“Working Days”), understood as Monday to Friday except for official Danish public holidays, 24 December, 31 December and the Danish Constitution Day on 5 June. The notice must include a description of the nature of the material breach and information that any non-compliance will lead to termination of the Agreement with immediate effect. If the material breach cannot be remedied within thirty (30) Working Days, the Customer may terminate the Agreement without prior notice.

14.7.2
The Customer’s termination will take effect from the time of termination (ex nunc). However, where an Agreement provides for the provision of establishment and transition Services, termination will take effect from the date of the Agreement (ex tunc) if the termination occurs before the acceptance date.

14.7.3
Regardless of the Customer’s termination, the Supplier must continue the supply of the Ongoing Services pursuant to clause 20.3 and provide the Customer with the necessary assistance in case of termination if specified in an Agreement.

14.8 Exemption from liability

14.8.1
The Supplier is not liable for delays and defects related to the Services to the extent such delays or defects are due to:

a) The Customer’s breach, regardless if such breach has been caused by the Customer itself or its sub-suppliers or other business partners;

b) Defects in the Customer’s own software, including third party software or other systems provided by the Customer;

c) Force majeure;

d) Matters for which the Supplier is not liable pursuant to other parts of an Agreement.

14.8.2
The above does not represent an exhaustive list of matters for which the Supplier is not liable.

 

15 Customer’s breach

 

15.1 In general

15.1.1
By ‘Customer’s breach’ is meant that the Customer does not contribute to the performance of an Agreement as agreed, either by not making the agreed payments or by not assisting the Supplier as agreed and furthermore by not meeting its obligations under the Agreement.

15.1.2
Unless otherwise specified in the Agreement, the ordinary rules of Danish law shall apply in relation to the Customer’s breach and the Supplier’s remedies for breach in this regard.

15.2 Default interest

15.2.1
If the Customer is in breach of its payment obligations, the Supplier is entitled to claim interest pursuant to the provisions of the Danish Interest Act (in Danish “renteloven”).

15.3 Compensation

15.3.1
The Supplier may claim damages for loss caused by the Customer's breach in accordance with the general provisions of Danish law.

15.3.2
The Supplier may claim damages for time spent internally which has been caused by the Customer's breach, and which is calculated on the basis of the hourly rates specified in the Agreement breached.

15.4 Termination for cause

15.4.1
The Supplier may terminate an Agreement with immediate effect if the Customer does not pay the agreed amounts in due time.

15.4.2
If the payment is disputed, the situation of non-payment may be temporarily remedied by the Customer providing security for the disputed amount, by depositing the amount in the Customer's bank, and the Customer providing appropriate documentation.

15.4.3
The Supplier may furthermore terminate an Agreement with immediate effect if the Customer's non-contribution to the performance of the Agreement can characterised as a material breach of the Customer's duty of contribution under an Agreement.

15.4.4
Termination is only possible if the breach has not been effectively remedied within 10 Working Days after the Supplier has demanded in writing that the Customer must fulfil its duty of contribution. The demand must include a description of the non-contribution and information that any non-compliance will lead to termination of the Agreement with immediate effect.

15.5 Continued supply of Ongoing Services regardless of breach

15.5.1
The ordinary rules of Danish law on the right of retention generally apply in the event of breach by the Customer.

15.5.2
The Supplier must, however, at the written request of the Customer, continue to provide Ongoing Services pursuant to the Agreement regardless of the Customer is in breach. This also applies when the Supplier terminates the Agreement as a result of the Customer's material breach.

15.5.3
However, the Supplier's obligation to continue to provide the Ongoing Services is conditional upon the Customer following the agreed procedures set out in clause 28.

 

16 Limitation of liability

 

16.1 Monetary limitation of liability

16.1.1
A party's total claim for proportionate reduction, damages and penalty is limited to 100% during a twelve (12) months' period of the amount received by the Supplier during the preceding twelve (12) months. If a period of twelve (12) months has not yet passed, the limitation of liability will be calculated as the average of the amounts received during the months passed multiplied by twelve (12). The limitation applies regardless of whether the claim is based on contract, indemnity, statute or equity.

16.1.2
The limitation on the amount set out in clause 16.1.1 is increased to 125% of the defined amount for the Customer's loss arising from unlawful processing of personal data, including the costs of damages and compensation to data subjects.

16.1.3
However, if the Supplier has paid damages and/or other amounts to a data subject based on Article 82 of the General Data Protection Regulation or Section 26 of the Danish Liability for Damages Act (in Danish Erstatningsansvarsloven”), the Customer shall indemnify the Supplier for the amount paid in excess of the agreed limitation of liability.

16.2 Other limitations

16.2.1
A party's liability does not extend to indirect loss, including operating loss, consequential damages or any other indirect loss.

16.2.2
A party's liability does not include the following types of loss, whether categorised as direct or indirect loss:

a) The Customer's lost revenue (lost profit or earnings)

b) Expected or foreseen savings

c) Loss of goodwill

d) Loss caused by business interruption

e) Reduced business value

16.2.3
Necessary loss mitigation costs, including cover purchases, Supplier's lost profits under the Agreement, increased resource spend by Supplier or payment for Consultancy Services that cannot be reallocated, are deemed a direct loss.

16.2.4
The Supplier shall not be liable for any damage and loss caused by IT viruses, cybercrime or other forms of unauthorised interference by third parties with the Customer's or the Supplier's IT systems, unless the loss is directly related to the loss of data covered by the Supplier's backup and restore obligations and provided that the damage occurs as a result of a breach of the agreed security requirements related to the backup and restore services.

16.2.5
The Customer's reasonable internal and external costs of restoring or reconstructing lost or corrupted data shall only be considered a direct loss if such loss or corruption of data is directly caused by the Supplier's failure to deliver the agreed backup and restore Services. It is emphasised in this context that the Customer must document that data is originally stored on the backup in error-free condition, and the Customer is obliged to continuously check that a backup contains the desired data. It is further the Customer's responsibility to ensure that the agreed period for backing up data is sufficient. Loss of data and costs for its restoration in other cases qualify as indirect loss.

16.3 Other terms relating to agreed limitations of liability

16.3.1
The limitations of liability set out in clause 16.1 and 16.2 may not be invoked in the following situations:

a) losses caused by non-payment of overdue invoices;

b) losses that cannot be excluded or limited under applicable mandatory law;

c) product liability in case of death or personal injury;

d) a claim made by, and finally awarded to, a third party that a Service infringes its intellectual property rights;

e) financial claims made against the Supplier by third parties as a consequence of the Customer’s defective or erroneous licensing of the Software, including the Supplier’s internal and external costs related to handling such matter;

f) gross negligence, wilful misconduct or fraud.

16.3.2
The Supplier is not liable for loss or damages arising from the Customer's or a third party's implementation of, changes to or interference with the Services.

 

17 Insurance

 

17.1
The Supplier must take out general third party liability insurance including what is considered fair and reasonable coverage of Services in the Supplier's industry, and including any Supplier product liability pursuant to the ordinary rules of Danish law.

 

18 Intellectual property rights

 

18.1 In general

18.1.1
Both parties will retain any intellectual property rights that existed before the signing of an Agreement.

18.1.2
The Supplier (or the Supplier's licensors) shall own and be the author of all intellectual property rights in the results of the Services provided in connection with the performance of an Agreement (including any intellectual property rights jointly created with the Customer).

18.1.3
The Customer is entitled to allow other legal entities to access a Service to the extent expressly stated in the Agreement.

18.2 Customer materials

18.2.1
If under an Agreement the Customer grants the Supplier the right to use materials in the form of, for example, tools, documentation or software for use in or as a basis for the provision of agreed Services, it is agreed that it is the Customer's responsibility to ensure that the right of use covers the use that is necessary for the performance of the Agreement. The right of use is limited in time, non-exclusive and non-transferable.

18.2.2
The right of use only includes use required for the performance of the Agreement and will terminate at the time of termination of the Agreement.

18.3 The Supplier's software and third party software

18.3.1
The Supplier grants to the Customer, with effect from the conclusion of the Agreement or such other time as may be specified in the Agreement, a non-exclusive, time-limited and non-transferable right to use the Supplier's own software expressly covered by the Agreement. The right of use only comprises the Customer's internal use and will terminate at the time of termination of the Agreement. The right of use may be further regulated in an Agreement.

18.3.2
The right of use shall be suspended upon default of payment by the Customer, after which the Supplier may terminate the Customer's access to the Software without notice.

18.3.3
If the Supplier provides the Customer with a licence for third party software as part of an Agreement, the Customer's rights and obligations, including in relation to access to the use thereof, shall be governed solely and exhaustively by the licence terms laid down by the third party which are applicable to the third party software in question at any time.

18.4 Change of distributor – third party software

18.4.1
If the Customer uses distributors in connection with the licensing of third party software, and the licensor permits the Customer to replace its existing distributor of the licensor's third party software with a different and new distributor of the licensor's third party software, the Customer hereby authorises the Supplier to effect such distributor change on behalf of the Customer if the Customer so requests the Supplier in writing. This authorisation includes all actions necessary in connection with the execution of a change of distributor of third party software on behalf of the Customer, including signing on behalf of the Customer such documents as the licensor may require.

18.5 Third parties' rights to software

18.5.1
Each party must have the required rights to use third party software or make the software in question available to the other party, as provided by an Agreement.

18.6 Documentation rights etc.

18.6.1
The Supplier retains all intellectual property rights to its documentation ("Documentation"), tools and methods developed or made available to the Customer for the performance or use of Services under an Agreement.

18.6.2
Subject to the timely payment by the Customer of all amounts due, the Customer acquires a perpetual and non-exclusive right of use to any description and Documentation of the Customer's own systems and business processes developed by the Supplier under an Agreement. Thus, the Customer has an unrestricted right to use, amend, transfer and versionise such reports, specifications, recommendations, charts and other customer-specific descriptions of the Customer's systems and business processes, which may be developed under an Agreement. The right of use shall also apply after termination of the Agreement.

18.6.3
If the Customer does not have access to the Supplier's operating documentation or only has limited access thereto, the Customer may, if so required, demand to receive a copy thereof in a generally accepted readable format at a recognised medium. The Customer has a perpetual and non-transferable right to use the operating documentation.

18.6.4
The Customer may give a third party the required insight into the operating documentation in order for the said third party to take over the delivery of similar services. The Supplier may make this conditional on the third party signing a customary declaration of confidentiality and respect for the Supplier's rights.

18.7 General knowledge and feedback

18.7.1
The Supplier is free to use the general knowledge and knowhow acquired when working for the Customer, which, however, does not include customer-specific information.

 

19 Infringement of third party rights

 

19.1
Notwithstanding generally applicable limitations of liability, a party ("Defending Party") must defend, indemnify and hold harmless the other party ("Affected Party") pursuant to this clause 19 for any justified claims submitted against the Affected Party, or finally awarded to, a third party that the Service infringes the third party's intellectual property rights.

19.2
Indemnification is conditional upon the Affected Party:

a) promptly notifying the Defending Party of the claim, giving the Defending Party the option of taking over the defence hereof;

b) giving the Defending Party any reasonably requested information and cooperation and sole authority to defend and settle the claim; and

c) not making any statement which may prejudicially affect the chances of settlement or defence of the claim.

19.3
The Defending Party may at its sole discretion obtain a valid licence to the infringed intellectual property rights or bring an end to the infringement by modifying or replacing the Services with a solution with materially the same functionality as the one infringing the third party's intellectual property rights.

19.4
Alternatively, the Defending Party may terminate the Agreement (or the part related to the infringing Services) with immediate effect against repayment of all amounts for the terminated part of the Agreement received within a period of twelve (12) months after the notice of the infringement to the Defending Party, without the obligation to indemnify further loss or costs.

19.5
The Defending Party's obligations do not apply if the claim or final judgment is based on:

a) the Affected Party's non-compliance with the Agreement;

b) the Affected Party's integration of the Services etc. with a third party product, data or business process including third party add-ons or software; or

c) use of the Services for other purposes than the intended purpose and/or contrary to the instructions regarding proper use.

19.6
This clause 19 is the Affected Party's sole and exclusive remedy in relation to infringement of third party intellectual property rights.

 

20 Duration and termination

 

20.1 Term

20.1.1
The term of the Agreement (and any licences and/or services granted hereunder) is set out in the Agreement.

20.1.2
The Agreement shall remain in force until the date on which it is terminated in accordance with its terms, unless it has been terminated at an earlier date as a result of termination for cause or convenience by either party in accordance with the Agreement.

20.2 Termination

20.2.1
The parties' right to terminate an Agreement is set out in the Agreement.

20.2.2
In the event of the Customer's termination for convenience, the Customer shall pay, in addition to any fee specified in the Agreement:

a) the charges accrued for the Services until the date when termination for convenience is made;

b) for Services delivered during the termination period; and

c) for Consultancy Services allocated during the termination period which the Customer does not want to be used during the termination period and which cannot reasonably be reallocated to other similar payable work for other existing customers of the Supplier before the expiry thereof.

20.2.3
In the event of termination by the Supplier, the Customer shall pay the amounts specified above in clause 20.2.2 (a) and (b).

20.2.4
Termination shall have prospective effect only (ex nunc) and shall not entitle the Customer to a refund of any amounts already paid.

20.3 Continued delivery after termination of the Agreement

20.3.1
If the transfer of Services from the Supplier to the Customer or to a third party appointed by the Customer has not been completed at the time of termination of the Agreement, the Customer may extend the Agreement for three (3) months at a time on unchanged terms with at least one (1) month's notice prior to the end of the Agreement. The Customer may repeat this extension until the transfer of Services has been completed, subject to a maximum of six (6) months from the date of termination.

20.3.2
If this extension imposes any additional costs on the Supplier in addition to the agreed remuneration, the Supplier may claim that such costs are to be paid by the Customer, unless the delay in the transfer of the Services has been caused by matters for which the Supplier is liable. If the failed transfer concerns only parts of the Services, the Customer may extend the Agreement for these Services in accordance with this paragraph.

20.3.3
If the Agreement is terminated as a result of the Customer's breach, the Supplier may require the Customer to provide a demand guarantee for future payments to the Supplier as a condition for the Supplier's continued delivery.

 

21 Force majeure event

 

21.1
Neither party shall be liable for failure to perform its obligations if this is caused by extraordinary circumstances outside the party's control, and which the party should not have avoided or overcome (Force Majeure). In such situation, a party can neither be liable in damages, nor for penalties.

21.2
Circumstances that occur with a sub-supplier are only considered Force Majeure if the sub-supplier faces an obstacle comprised by clause 21.1 and which neither the sub-supplier or the Supplier should have avoided or overcome with a reasonable and proportionate effort.

21.3
Force Majeure in case of delay cannot be claimed for more days than the number of days for which the Force Majeure situation is upheld. If a deadline for the Supplier is extended due to Force Majeure, any payments relating thereto will be postponed accordingly.

21.4
Force Majeure may only be claimed if the party in question has given written notice thereof to the other party no later than ten (10) days after the Force Majeure event has occurred.

21.5
The party not affected by the Force Majeure event may terminate the Agreement without notice if the Force Majeure event is upheld for more than thirty (30) days.

21.6
Where an Agreement imposes on the Supplier obligations to mitigate the consequences of a Force Majeure event, those obligations shall apply independently of this clause 21, and the Supplier shall not be entitled to claim exemption from liability in the event that the Supplier fails to comply with those obligations.

21.7
Force majeure does not exclude the right to a proportionate reduction.

 

22 Data

 

22.1 Rights to data

22.1.1
Customer data includes all information provided for the Supplier's processing in connection with the provision of agreed Services, customer-specific log files and support data generated in connection with the provision of agreed Services, as well as statistical data generated automatically, or compiled manually by the Supplier, about the Customer's use of Services ("Customer's Data").

22.1.2
Customer holds all rights to Customer's Data. The Supplier cannot use the Customer's Data for any other purpose than the performance of the Agreement.

22.2 No right of retention

22.2.1
The Supplier cannot retain the Customer's Data. This applies even if the Customer has breached its obligations under the Agreement, or if some kind of dispute or disagreement has occurred between the parties.

22.3 Liability for data

22.3.1
The Customer is responsible for the accuracy and integrity of the Customer's Data processed by the Supplier when using the Services; and the Customer's transfer, migration and/or conversion of the Customer's Data to or from the Services.

 

23 Security

 

23.1 In general

23.1.1
The Supplier must observe the security precautions explicitly set out in an Agreement.

23.2 Customer's internal security regulations

23.2.1
The Supplier shall perform the agreed Services in accordance with the Customer's internal safety regulations, if any, to the extent that these are accepted under an Agreement.

23.2.2
Any change requests by the Customer due to changes in the Customer's internal security regulations shall be handled as a Customer Change.

23.2.3
The Customer may not require the Supplier's employees to personally accept any terms relating to the Customer's IT security policy.

23.3 Supplier's own amendments

23.3.1
The Supplier's amendment of security precautions which are not customer-specific but are made as part of an adjustment to good IT practice and general security regulations and which are to apply for several of the Supplier's customers will be carried out at the Supplier's own expense and at the Supplier's discretion.

23.3.2
If the amendments result in the Supplier not being able to comply with agreed requirements in an Agreement and provided that there is a deterioration of agreed requirements, the amendments shall be handled in accordance with the rules on Changes set out in clause 9.

23.3.3
Regardless of the contents of the Customer's internal security regulations, the Supplier is entitled to make any technical adjustments of its operating environment at its own expense with a view to continuously prevent or remedy well-known security risks.

23.4 Antivirus and protection against hacking

23.4.1
The Supplier shall use up-to-date protection measures against virus and hacker attacks when delivering agreed Services, so that these are in line with good IT practice in the industry and respected standards and guidelines (e.g., recommendations from NIST or respected suppliers). Any specific requirements for e.g., scanning of software deliveries to prevent the spread of malware, encryption of emails and hard drives, use of VPNs, automatically updated end-point protection, protocols to support cryptographic algorithms, user authentication functionality, firewalls on all clients and the like, will follow from the Agreement.

23.5 Recovery plans and backup

23.5.1
The Supplier shall have systems, procedures and agreements in place to ensure that agreed Services including backup are provided in accordance with the specifications in an Agreement.

23.5.2
The Supplier must at any time have recovery plans and related systems, procedures and agreements ensuring recovery of Services in case the Supplier may be exposed to fire, flooding, stroke of lightning and other similar extraordinary events. Recovery plans, including systems, procedures and agreements required to secure the agreed Services, must be documented by the Supplier if requested by the Customer. Once every year, the Supplier must document towards the Customer that the preparedness has been tested and works in accordance with the recovery plan.

23.6 Security incidents

23.6.1
A security incident is an incident that adversely affects or is deemed likely to adversely affect the availability, integrity or confidentiality of data, information systems, digital networks or digital services and that occurs in connection with the Supplier's Services ("Security Incidents").

23.6.2
The Supplier shall respond to Security Incidents when the Supplier becomes aware of them and otherwise take the initiative to ensure their appropriate handling in accordance with Good IT Practice, which includes for example:

• the obligation to carry out or assist in root cause analysis
• the obligation to provide documentation and advice on any security defects in the product
• the obligation to take immediate remedial action and implement workarounds
• the obligation to share descriptions of systems and products involved
• the obligation to share preliminary and final analyses of threats, vulnerabilities and criticality
• the obligation to provide regular information on actions, plans, status and the obligation to keep a detailed log thereof.

23.6.3
The Supplier's assistance in dealing with Security Incidents may be invoiced on a time basis if the Supplier can demonstrate that the Security Incident is not attributable to circumstances for which the Supplier is responsible.

23.7 Security breaches

23.7.1
If the Supplier registers a security breach in the form of a personal data breach, the Supplier must notify the Customer thereof without undue delay and in accordance with Article 33 of the General Data Protection Regulation. This applies even if the security breach has been remedied and the affected personal data was not compromised.

23.7.2
Such notice must be followed by a detailed statement of the security breach, which complies with the requirements specified in Article 33 of the General Data Protection Regulation, including the requirements to the contents of a notification to the supervisory authority. The statement must be submitted, as far as possible, within forty-eight (48) hours after the Supplier has become aware of the security breach.

23.8 Processing of personal data
If, in the performance of an Agreement, the Supplier undertakes to process personal data on behalf of the Customer (as a data processor), the parties must enter into a separate data processor agreement based on the Supplier's standard which complies with relevant mandatory legislation. The provisions of the data processor agreement prevail in the area of processing of personal data in the event of conflict with the provisions of the Agreement, the General Terms or the Service Terms.

 

24 Confidentiality

 

24.1 Confidentiality requirements

24.1.1
The parties, their employees and the Supplier's sub-suppliers must observe confidentiality to a reasonable extent as regards information related to each other or a third party, of which they obtain knowledge in the course of performance of the Agreement, and which is not and will not be publicly known ("Confidential Information"). Neither party may use or disclose such information, unless this is due to the performance of the Agreement and in accordance with this provision.

24.2 Exclusions to confidentiality

24.2.1
The Supplier may disclose Confidential Information (i) to its sub-suppliers and suppliers of Third Party Services, to the extent such disclosure is required and confidential, for the sub-supplier or third party to be able to assist the Supplier with the performance of an Agreement, and (ii) to a third party and its advisors in connection with a divestiture of one or more of the Supplier's companies, business units, etc.

24.2.2
The Customer may disclose Confidential Information to consultants, other suppliers and other parties providing assistance to the Customer, on the condition that these parties sign a written confidentiality statement similar to the one which has been imposed on the Customer pursuant to these terms. This furthermore applies to the Customer's communication with any new and potential suppliers in connection with the termination of an Agreement. The right to disclosure does not include trade secrets.

24.2.3
The parties may pass on Confidential Information to the extent required pursuant to legislation, judgments delivered by courts or orders from public authorities or administrative bodies.

24.2.4
The confidentiality obligation shall furthermore apply after termination of an Agreement, regardless of the reason therefore.

24.3 Supplier's references and disclosure

24.3.1
The Supplier may include the Customer's name in a list of references, unless the Customer explicitly requests otherwise. In addition thereto, the Supplier cannot use the Customer's name for marketing purposes, unless the Customer consents thereto in writing.

24.3.2
The parties cannot disclose information to the press about matters related to an Agreement without the other party's prior written consent, unless such disclosure only concerns matters which have already been made available to the public.

24.4
Personal information subject to privacy laws is not per se confidential information.

 

25 Assignment

 

25.1
The parties may only assign rights and obligations pursuant to the Agreement to a third party with the other party's prior written approval, which must not be unreasonably withheld or delayed.

25.2
Notwithstanding any provision to the contrary, the Supplier may, at its sole discretion, assign the Agreement, in whole or in part, to (a) one of the Supplier's group companies or (b) to a third party as part of a sale of one or more of the Supplier's companies, business units, etc.

26 Validity and severability

26.1
If a provision in an Agreement is considered illegal, invalid or unenforceable, such provision shall be enforced to the maximum extent possible, and such provision shall not affect the legality or the validity of any other provisions.

27 Global trade compliance and anti-corruption

27.1
Services are provided for the Customer's internal use and not for commercialisation. If the Customer exports, imports, or otherwise transfers the result of a Service, the Customer will be responsible for complying with applicable laws and regulations and for obtaining any required export or import authorisations. Both parties must comply with applicable laws and regulations relating to antibribery and anti-corruption. The Supplier may suspend its performance under the Agreement to the extent required by applicable law.

28 "Fix and deliver first, settle later" – Ongoing Services

28.1
The Supplier shall initiate remedial action in accordance with clause 14.4, regardless of whether Supplier disagrees with the Customer's objections regarding defects ("Fix first, settle later") in case of Ongoing Services.

28.2
The Supplier shall provide all Ongoing Services that are critical to maintaining the continued operation of the systems comprised by the Ongoing Services, regardless of whether the Supplier disagrees that the Ongoing Service is separately payable ("Deliver first, settle later").

28.3
The Supplier shall not be entitled to exercise any right of retention, stop or otherwise delay the supply of the Ongoing Services if the Customer exercises its right under clause 28.1 or 28.2.

28.4
If the parties disagree as to whether there is an obligation to remedy or a claim for payment for the provision of an Ongoing Service, the parties shall seek to resolve the disagreement without undue delay. If the dispute is not resolved within five (5) Working Days, the Customer shall, without undue delay and within ten (10) Working Days after being requested to do so by the Supplier, initiate the obtaining of an opinion, cf. clause 29.3, as to whether the matter relied upon by the Customer constitutes a defect or whether a delivery claim is separately payable. If the Customer does not initiate this process, the Supplier shall be entitled, notwithstanding clause 28.2, to suspend its work in relation to the disputed matters until the Customer has initiated the process. The resulting opinion shall be provisionally binding on the parties, each party being entitled to demand a final settlement of the matter by arbitration in accordance with clause 29.5 without prior mediation. Arbitration shall not have suspensive effect. Costs related to the process are allocated taking into account the outcome of the opinion.

28.5
If it is subsequently established that there was no defect or that a service was separately payable, the Customer shall fully compensate the Supplier for its (additional) time and other documented and reasonable (additional) expenses incurred in remedying or providing the service in question.

28.6
In obtaining an expert opinion under the above, the Supplier may request the expert to assess whether the Customer should have been aware, at the time of its claim for remedy or delivery without separate payment, that such claim was unjustified. If the expert concludes that this is the case, the expert shall take this into account when determining the cost allocation between the parties and the Supplier shall in this case be entitled to a surcharge of 25% on its hourly rates for the work performed.

 

29 Governing law and disputes

 

29.1 Governing law

29.1.1
Agreements are governed by and construed in accordance with the law in the country where the Supplier is domiciled except for (a) rules leading to the application of other law and (b) the United Nations Convention on Contracts for the International Sale of Goods (CISG).

29.2 Negotiations between the parties

29.2.1
In case of a dispute between the parties regarding the Agreement and the performance thereof, either party may refer the dispute to the Customer's and the Supplier's day-to-day managers, who will settle the dispute jointly. If an agreement cannot be reached between the day-to-day managers, negotiations must be escalated to the steering committee if so appointed. If an agreement cannot be reached by the steering committee, or if a steering committee has not been established, the dispute must be escalated to a higher level in the parties' organisations.

29.3
Dispute resolution with assistance from a technical and/or legal expert

29.3.1
If the parties cannot reach an agreement through negotiation within five (5) Working Days, either party may, in addition to negotiation and mediation, request that an advisory opinion be obtained from an independent expert on the basis of the Danish Institute of Arbitration's rules in force at any time regarding legal/technical opinions in IT cases.

29.4 Mediation

29.4.1
If neither party requests to submit the matter to dispute resolution with assistance from a technical and/or legal expert, either party may request that the matter is solved by mediation presided over by a mediator appointed by the parties. If the parties cannot agree on the appointment of a mediator within ten (10) Working Days after one of the parties has submitted a request for mediation, either party may submit a request to the Association of Danish IT Attorneys (DITA) to appoint a mediator. Mediation will be based on DITA's medi-ation procedure.

29.4.2
The mediation procedure is commenced when one of the parties sends a written request for mediation to the other party including a copy to DITA. The mediator must be appointed by DITA at the latest ten (10) Working Days after DITA's receipt of a request for mediation.

29.4.3
As a minimum, a party shall be obliged to attend the first meeting convened by the mediator. However, a party shall be entitled to commence arbitration proceedings if a postponement thereof may result in forfeiture, e.g., because of a time bar.

29.4.4
If a party announces that the said party does not want to continue the mediation after the first meeting, or if the dispute has not been solved by mediation within eight (8) weeks after a written request for mediation has been submitted, either party may refer the dispute to final settlement by arbitration in accordance with the provisions specified below.

29.5 Arbitration

29.5.1
The place of arbitration is the municipality where the Supplier is registered.

29.5.2
If the total value of the dispute does not exceed DKK one (1) million, the dispute is settled by arbitration pursuant to the "Rules of simplified arbitration procedure of the Danish Institute of Arbitration" in force at the time when the arbitration proceedings are commenced.

29.5.3
The arbitration tribunal is appointed by the Danish Institute of Arbitration in accordance with the "Rules on simplified arbitration of the Danish Institute of Arbitration". The arbitrator shall be appointed by the Danish Institute of Arbitration. The parties may jointly propose an arbitrator no later than the expiry of the time limit for the respondent's reply. The parties agree to jointly seek to appoint an arbitrator on the basis of a recommendation from the Association of Danish IT Attor-neys (DITA).

29.5.4
If the total value of the dispute exceeds DKK one (1) million, the dispute is settled by arbitration pursuant to the "Rules of arbitration procedure of the Danish Institute of Arbitration" in force at the time when the arbitration proceedings are commenced.

29.5.5
The arbitration tribunal is appointed by the Danish Institute of Arbitration in accordance with the "Rules of arbitration of the Danish Institute of Arbitration". Unless the parties agree otherwise, the arbitration tribunal shall be composed of three (3) arbitrators. When the dispute is to be decided by a panel of three (3) arbitrators, the claimant may propose an arbitrator in its letter of complaint. The respondent may also propose an arbitrator in its statement of defence. The third arbitrator, who will be the chairman of the arbitration tribunal, shall be proposed by the Danish Institute of Arbitration, unless the parties jointly propose a chairman before the deadline for the respondent's submission of a statement of defence. The parties agree to jointly endeavour to appoint the chairman on the basis of the recommendation from the Association of Danish IT Attorneys (DITA).